package com.tianbo.controller;

import com.tianbo.common.ModelAndPage;
import com.tianbo.model.Users;
import com.tianbo.model.UsersExample;
import com.tianbo.service.UserService;
import com.tianbo.util.dao.Page;
import com.tianbo.util.tools.MD5Tools;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.math.BigDecimal;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * Created by mrz on 2017/8/23.
 */
@Controller
@RequestMapping("/user")
public class UserController {

    //service类
    @Autowired
    private UserService userService;



    @RequestMapping("add")
    @RequiresRoles("admin")
    public ModelAndView addUserV(){
        Users newUser = new Users();
        return new ModelAndView("user/add","user",newUser);
    }

    @RequestMapping("/edit")
    @RequiresRoles("admin")
    @RequiresPermissions({"user:edit","user:find"})
    public  ModelAndView userId(@ModelAttribute Users user){

        String username = (String) SecurityUtils.getSubject().getSession().getAttribute("username");
        //这里需要判断下，当前用户是可以编辑自己的资料的，或者再起一个ACTION，单独判断权限

        return new ModelAndView("user/edit","user",user);

    }

    @RequiresRoles("admin")
    @RequestMapping("list")
    public String list(){
        return "user/list";
    }
}
